Today, Amazon Kinesis Data Streams announces support for logging data plane APIs using AWS CloudTrail, enabling customers to have greater visibility into data stream activity in their AWS account for best practices in security and operational troubleshooting. Amazon Kinesis Data Streams is a serverless data streaming service that enables customers to capture, process, and store data streams at any scale.

CloudTrail captures API activities related to Amazon Kinesis Data Streams as events, including calls from the Amazon Kinesis Data Streams console and calls made programmatically using Amazon Kinesis Data Streams APIs. Using the information that CloudTrail collects, you can identify a specific request to an Amazon Kinesis Data Streams API, the IP address of the requester, the requester’s identity, and the date and time of the request. Logging Kinesis Data Streams APIs using CloudTrail helps you enable operational and risk auditing, governance, and compliance of your AWS account. Kinesis Data Streams APIs that are now supported for CloudTrail logging are:

GetRecords
GetShardIterator
PutRecord
PutRecords
SubscribeToShard

To opt-in for CloudTrail logging of the above mentioned data plane APIs, you can simply configure logging on your data stream using the AWS CloudTrail Console or by using CloudTrail APIs.

Read More for the details.

AWS Marketplace has upgraded the private offer creation experience for sellers, making it easier for you to extend custom pricing and terms to your customers. The new experience provides step-by-step guidance through the offer creation process, and allows you to save unfinished progress as a draft offer. With this launch, you will also be able to price multiple instances at once and auto-split payments into multiple scheduled dates. You can now work on a draft private offer over multiple sessions with the new ‘save and resume’ function, enabling you to gather information and correct errors before submitting an offer. Within the experience, bulk pricing by instance groups and an auto payment scheduler help speed up your offer creation by reducing the need to repeat similar inputs. If you need more information during the offer workflow, each step in the creation experience is equipped with guidance to explain each selection in more detail. These improvements save you time when creating your private offer, increasing your sales velocity through AWS Marketplace. This new feature is available for direct and channel partner private offers for SaaS, Amazon machine images (AMI), containers, and professional services products. To learn more, visit the AWS Marketplace Seller Guide. To try the feature now, visit the Offers tab in the AWS Marketplace Management Portal.  

Read More for the details.

Amazon Verified Permissions now enables customers using Cognito tokens for authorization, to write Cedar policies based on Cognito group memberships. The service has also added an additional API that enables developers to submit multiple token-based authorization requests, in a single API call. Verified Permissions provides fine-grained authorization for the applications that you build, allowing you to implement permissions as Cedar policies rather than application code. You can call Verified Permissions to authorize access to application APIs and resources, based on OIDC tokens generated by Amazon Cognito. Verified Permissions will evaluate Cedar policies using the claims in the token. Customers using the IsAuthorizedWithToken API, can now reference Cognito groups in their policies. Additionally, to help reduce latency and cost, Verified Permissions now supports a new API called batchIsAuthorizedWithToken. Using batch authorization, developers can modify the user experience based on permissions, for example, by making a single API request to determine which action buttons should be enabled on a page, or which resources to display in a list. More information on the batchIsAuthorizedWithToken API can be found in the API reference guide. These features are available in all AWS regions supported by Amazon Verified Permissions. Pricing is based on the number of API calls made, regardless of the number of authorization requests that are batched within each call. For more information on pricing visit Amazon Verified Permissions Pricing – AWS – Amazon Web Services. For more information on the service visit Fine-Grained Authorization – Amazon Verified Permissions – AWS

Read More for the details.

Amazon RDS for Db2 customers can now subscribe to hourly Db2 licensing from IBM through AWS Marketplace. Customers can now choose to either use an existing license via Bring-Your-Own-License (BYOL), or obtain a new license instantly through AWS Marketplace. Customers with seasonal or unpredictable workloads can use the hourly license to avoid the cost of over-provisioning. For example, customers in retail industries can pay a simple hourly rate to deal with increased holiday traffic, rather than predict how much licensing they need and pre-purchase them for peak capacity. Db2 license fees are charged by IBM through AWS Marketplace and appear under the AWS Marketplace section on your AWS invoice, which are in addition to your RDS cost. Amazon RDS for Db2 makes it easy to set up, operate, and scale Db2 databases in the cloud. See the Amazon RDS for Db2 Pricing page for pricing and regional availability information. To learn more about the AWS Marketplace license option, visit the AWS Documentation or read this step-by-step blog to get started.

Read More for the details.

Amazon OpenSearch Service’s alerting plugin now supports cross-cluster monitoring, allowing you to create monitors that can query data across multiple OpenSearch clusters from a centralized location. Built on top of cross-cluster search, this feature eliminates the need to recreate redundant alerting monitors on each cluster in your environment. With cross-cluster monitoring, you define which remote indexes to monitor; and the alerting plugin executes the queries, and processes the results during each scheduled execution. In addition, cluster metrics monitors can be used to get alerted based on the responses from popular API such as cluster health, and CAT indices. Cross-cluster monitoring enables a variety of powerful use cases. You can now monitor an application that has data segregated across multiple clusters, such as separate clusters for live and historical data. Organizations with a distributed cluster architecture spanning availability zones or regions can get a unified view of issues affecting their full application footprint. Cross-cluster monitoring also allows you to have dedicated monitoring clusters that don’t store application data but can still execute monitors against your data clusters. For information on upgrading to OpenSearch 2.13, please see documentation. OpenSearch 2.13 is now available in all AWS regions globally where Amazon OpenSearch service is available. To learn more about Amazon OpenSearch Service, please visit the product page.  

Read More for the details.